Tina Knutson here…
A few years back we integrated privacy into the SDL. Privacy and security often go hand-in-hand, but they are not the same thing. They often have the same objective, but the focus is different. When it comes to customer data, security focuses on keeping your data safe, while privacy focuses on giving you control.
At privacy conferences and trainings, I’ve run into what I believe is a disturbing trend. In a lot of the events and conversations I’ve experienced, privacy often ends up being used as a synonym for “data security.” Data security breaches are clearly a big concern and shouldn’t be taken lightly; but privacy training, policies, and processes should go much deeper than *just* safeguarding the data. Yes, data security is very important, but privacy should cover so much more.
Anytime we collect your data, we know that the experience can either increase your trust or destroy it. If you understand what’s being collected, why it’s being collected, what the benefits are (to you – not to Microsoft!), and how you can control it in the future, you are much more likely to trust us. In order to build trust when collecting data, we believe that clear and accurate communication is paramount. For example, when Windows Media Player collects information about a DVD you’re watching, it’s better to know up front that this information is used to provide you with media information such as DVD title and cover art. If you don’t know this and have to extrapolate why Microsoft might want to know the DVDs you’re watching, it could seem pretty creepy.
In addition to communication, another privacy concern is minimizing the data collected. It’s all too easy for a product or marketing team to collect data because “it could be useful” one day. My job, and the job of my colleagues in the privacy space, is to make sure that teams know that any use that hasn’t been disclosed in the initial capture of data is off limits. In integrating privacy considerations into the SDL, we’re spreading the word that all of the commitments made at the time of collection apply to that data until it is destroyed. Anyone who uses the data must understand and follow the parameters under which it can be used. When your data is collected specifically to provide a service to you, it shouldn’t be used for secondary purposes, like marketing, unless you were notified of the use and agreed to it when the data was collected. Yes, the data also needs to be kept safe, but that shouldn’t be the only focus.
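One way to make the points above concrete in code: collect only the fields the notice covers, let the commitments made at collection travel with the record, and reject any read whose stated purpose was not disclosed. This is an added example written for this page, not code from Microsoft or the SDL; the `Notice`/`Record` types, the `media_info` and `marketing` purpose names, and the DVD sample values are all constructed for illustration.

```python
# Added example (not from the SDL blog post): purpose-bound data records.
# Shows data minimization at collection, purpose binding on every read,
# and fail-closed behaviour once the data is destroyed.
from dataclasses import dataclass
from types import MappingProxyType
from typing import Dict, FrozenSet, Mapping


class PurposeViolation(Exception):
    """Raised when data is requested for a purpose not disclosed at collection."""


@dataclass(frozen=True)
class Notice:
    """What the user was shown and agreed to when the data was collected:
    each field maps to the purposes disclosed for it. The mapping is made
    read-only so later code cannot quietly widen the commitment."""
    purposes: Mapping[str, FrozenSet[str]]

    def __post_init__(self) -> None:
        object.__setattr__(self, "purposes", MappingProxyType(dict(self.purposes)))


@dataclass
class Record:
    subject_id: str
    values: Dict[str, str]
    notice: Notice            # the commitments travel with the data
    destroyed: bool = False


def collect(subject_id: str, submitted: Dict[str, str], notice: Notice) -> Record:
    """Data minimization: store only fields the notice covers. Anything else
    the client sent is dropped rather than kept because it 'could be useful'."""
    kept = {k: v for k, v in submitted.items() if k in notice.purposes}
    return Record(subject_id, kept, notice)


def allowed(record: Record, field_name: str, purpose: str) -> bool:
    """True only if this field was disclosed for this purpose at collection
    and the record has not yet been destroyed."""
    if record.destroyed:
        return False
    return purpose in record.notice.purposes.get(field_name, frozenset())


def use(record: Record, field_name: str, purpose: str) -> str:
    """Purpose binding: every read states its purpose and is checked against
    the notice. Secondary uses such as marketing fail unless they were
    disclosed and agreed to up front."""
    if not allowed(record, field_name, purpose):
        disclosed = sorted(record.notice.purposes.get(field_name, frozenset()))
        raise PurposeViolation(
            f"{field_name!r} not available for {purpose!r}; disclosed: {disclosed}")
    return record.values[field_name]


def destroy(record: Record) -> None:
    """End of life: clear the values; every later purpose check then fails closed."""
    record.values.clear()
    record.destroyed = True


# Constructed sample, modelled on the DVD-metadata case in the post: the player
# discloses that the disc identifier is used only to fetch title and cover art.
DVD_NOTICE = Notice(purposes={"disc_id": frozenset({"media_info"})})


def demo() -> Dict[str, object]:
    # The client sends more than the notice covers; the extra field is dropped.
    rec = collect("user-42",
                  {"disc_id": "disc-abc123", "email": "u@example.invalid"},
                  DVD_NOTICE)
    out: Dict[str, object] = {"stored_fields": sorted(rec.values)}
    out["media_info"] = use(rec, "disc_id", "media_info")            # disclosed use
    out["marketing_allowed"] = allowed(rec, "disc_id", "marketing")  # secondary use: denied
    destroy(rec)
    out["after_destroy"] = allowed(rec, "disc_id", "media_info")     # destroyed: denied
    return out


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that the purpose check lives on the read path and consults the notice stored with the record, not a global policy table: whoever later picks up the data inherits exactly the terms under which it was collected, and a new use requires a new notice and a new collection rather than a quiet policy edit.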
Privacy is not just about protecting data once you have it; it’s also about minimizing the data collected, and making sure that you know what that data will be used for and consent to that use before your data is captured. This is one of the main reasons privacy has been built into the SDL. Securing the data alone is not enough.
Read more about how we view privacy in our Privacy Guidelines for Developing Software Products and Services.